Contact UsGet started
© 2025 Direct Cursus Technology L.L.C.

Website based on LAMP or LEMP stack using Terraform

Written by
Updated at November 27, 2025

To create an infrastructure for a website on the LAMP or LEMP stack using Terraform:

  1. Get your cloud ready.
  2. Create your infrastructure.
  3. Upload the website files.
  4. Test the website.

We will use the example.com domain name as an example.

If you no longer need the resources you created, delete them.

Get your cloud ready

Sign up for Yandex Cloud and create a billing account:

  1. Navigate to the management console and log in to Yandex Cloud or create a new account.
  2. On the Yandex Cloud Billing page, make sure you have a billing account linked and it has the ACTIVE or TRIAL_ACTIVE status. If you do not have a billing account, create one and link a cloud to it.

If you have an active billing account, you can navigate to the cloud page to create or select a folder for your infrastructure.

Learn more about clouds and folders here.

The infrastructure support costs for a website include:

Create your infrastructure

With Terraform, you can quickly create a cloud infrastructure in Yandex Cloud and manage it using configuration files. These files store the infrastructure description written in HashiCorp Configuration Language (HCL). If you change the configuration files, Terraform automatically detects which part of your configuration is already deployed, and what should be added or removed.

Terraform is distributed under the Business Source License. The Yandex Cloud provider for Terraform is distributed under the MPL-2.0 license.

For more information about the provider resources, see the relevant documentation on the Terraform website or its mirror.

To create an infrastructure using Terraform:

  1. Install Terraform and get the authentication data.

  2. Specify the source for installing the Yandex Cloud provider (see Configure your provider, step 1).

  3. Set up your infrastructure description files:

    1. Create a directory.
    2. Download the archive (1 KB).
    3. Unpack the archive to the directory. As a result, it should contain the lamp-lemp.tf configuration file and the lamp-lemp.auto.tfvars user data file.

    1. Create a folder for the infrastructure description file.

    2. In the directory, create a configuration file named lamp-lemp.tf:

      lamp-lemp.tf
      # Declaring variables for custom parameters

variable "zone" {
  type = string
}

variable "folder_id" {
  type = string
}

variable "vm_image_family" {
  type = string
}

variable "vm_user" {
  type = string
}

variable "ssh_key_path" {
  type = string
}

variable "dns_zone" {
  type = string
}

# Adding other variables

locals {
  network_name       = "web-network"
  subnet_name        = "subnet1"
  sg_vm_name         = "sg-web"
  vm_name            = "lamp-vm"
  dns_zone_name      = "example-zone"
}

# Configuring a provider

terraform {
  required_providers {
    yandex    = {
      source  = "yandex-cloud/yandex"
      version = ">= 0.47.0"
    }
  }
}

provider "yandex" {
  folder_id = var.folder_id
}

# Creating a cloud network

resource "yandex_vpc_network" "network-1" {
  name = local.network_name
}

# Creating a subnet

resource "yandex_vpc_subnet" "subnet-1" {
  name           = local.subnet_name
  v4_cidr_blocks = ["192.168.1.0/24"]
  zone           = var.zone
  network_id     = yandex_vpc_network.network-1.id
}

# Creating a security group

resource "yandex_vpc_security_group" "sg-1" {
  name        = local.sg_vm_name
  network_id  = yandex_vpc_network.network-1.id
  egress {
    protocol       = "ANY"
    description    = "any"
    v4_cidr_blocks = ["0.0.0.0/0"]
  }
  ingress {
    protocol       = "TCP"
    description    = "ext-http"
    v4_cidr_blocks = ["0.0.0.0/0"]
    port           = 80
  }
  ingress {
    protocol       = "TCP"
    description    = "ext-https"
    v4_cidr_blocks = ["0.0.0.0/0"]
    port           = 443
  }
}

# Adding a prebuilt VM image

resource "yandex_compute_image" "lamp-vm-image" {
  source_family = var.vm_image_family
}

resource "yandex_compute_disk" "boot-disk" {
  name     = "bootvmdisk"
  type     = "network-hdd"
  zone     = "ru-central1-a"
  size     = "20"
  image_id = yandex_compute_image.lamp-vm-image.id
}

# Creating a VM instance

resource "yandex_compute_instance" "vm-lamp" {
  name        = local.vm_name
  platform_id = "standard-v3"
  zone        = var.zone
  resources {
    core_fraction = 20
    cores         = 2
    memory        = 1
  }
  boot_disk {
    disk_id = yandex_compute_disk.boot-disk.id
  }
  network_interface {
    subnet_id          = yandex_vpc_subnet.subnet-1.id
    nat                = true
    security_group_ids = [yandex_vpc_security_group.sg-1.id]
  }
  metadata = {
    user-data = "#cloud-config\nusers:\n  - name: ${var.vm_user}\n    groups: sudo\n    shell: /bin/bash\n    sudo: 'ALL=(ALL) NOPASSWD:ALL'\n    ssh_authorized_keys:\n      - ${file("${var.ssh_key_path}")}"
  }
}

# Creating a DNS zone

resource "yandex_dns_zone" "zone1" {
  name    = local.dns_zone_name
  zone    = var.dns_zone
  public  = true
}

# Creating a type A resource record

resource "yandex_dns_recordset" "rs-a" {
  zone_id = yandex_dns_zone.zone1.id
  name    = var.dns_zone
  type    = "A"
  ttl     = 600
  data    = [ yandex_compute_instance.vm-lamp.network_interface.0.nat_ip_address ]
}

# Creating a CNAME resource record

resource "yandex_dns_recordset" "rs-cname" {
  zone_id = yandex_dns_zone.zone1.id
  name    = "www"
  type    = "CNAME"
  ttl     = 600
  data    = [ var.dns_zone ]
}

    3. In the directory, create a user data file named lamp-lemp.auto.tfvars:

      lamp-lemp.auto.tfvars
      zone               = "<availability_zone>"
folder_id          = "<folder_ID>"
vm_image_family    = "<VM_image_family>"
vm_user            = "<VM_username>"
ssh_key_path       = "<path_to_public_SSH_key>"
dns_zone           = "<DNS_zone>"

    Learn more about the properties of Terraform resources in the relevant provider guides:

  4. In the lamp-lemp.auto.tfvars file, set the following user parameters:

    • zone: Availability zone the VM will reside in.
    • folder_id: Folder ID.
    • family_id: Specify the family of a VM image with the required components:
      • lamp: LAMP (Linux, Apache, MySQL®, and PHP).
      • lemp: LEMP (Linux, Nginx, MySQL®, and PHP).
    • vm_user: VM user name.
    • ssh_key_path: Path to the file with a public SSH key to authenticate the user on the VM. For more information, see Creating an SSH key pair.
    • dns_zone: DNS zone. Specify your registered domain with a period at the end, e.g., example.com..
      To use domain names in the public DNS zone, you need to delegate it to authoritative name servers. Specify ns1.yandexcloud.net and ns2.yandexcloud.net server addresses in your registrar's account settings.

  5. Create the resources:

    1. In the terminal, go to the directory where you edited the configuration file.

    2. Make sure the configuration file is correct using this command:

      terraform validate

      If the configuration is correct, you will get this message:

      Success! The configuration is valid.

    3. Run this command:

      terraform plan

      You will see a detailed list of resources. No changes will be made at this step. If the configuration contains any errors, Terraform will show them.

    4. Apply the changes:

      terraform apply

    5. Type yes and press Enter to confirm the changes.

  6. Get the VM public IP address: you will need it later to upload the website files.

After creating the infrastructure, upload the website files.

Upload the website files

To test the web server, upload the index.html file to the VM. You can use a test file. Download and unpack the archive.

  1. Find the VM public IP address under Network on the VM page in the management console.

  2. Connect to the VM via SSH.

  3. Grant your user write permissions for the /var/www/html directory:

    sudo chown -R "$USER":www-data /var/www/html

  4. Upload the website files to the VM via SCP.

    Use the scp command line utility:

    scp -r <path_to_directory_with_files> <VM_user_name>@<VM_IP_address>:/var/www/html

    Use WinSCP to copy the local file directory to /var/www/html on the VM.

After uploading the files, test the website.

Test the website

To test the site, enter its IP or domain name in your browser:

  • http://<public_IP_of_VM>
  • http://www.example.com

How to delete the resources you created

To stop paying for the resources you created:

  1. Open the lamp-lemp.tf file and delete your infrastructure description from it.

  2. Apply the changes:

    1. In the terminal, go to the directory where you edited the configuration file.

    2. Make sure the configuration file is correct using this command:

      terraform validate

      If the configuration is correct, you will get this message:

      Success! The configuration is valid.

    3. Run this command:

      terraform plan

      You will see a detailed list of resources. No changes will be made at this step. If the configuration contains any errors, Terraform will show them.

    4. Apply the changes:

      terraform apply

    5. Type yes and press Enter to confirm the changes.

See also

Previous
Management console
Next
Overview